[Openswan dev] [Announce] Openswan 2.4.10 Released
Michael Richardson
mcr at sandelman.ottawa.on.ca
Tue Nov 6 20:29:26 EST 2007
>>>>> "Jacco" == Jacco de Leeuw <jacco2 at dds.nl> writes:
>> Most importantly, you can now use leftprotoport=17/0 to mean "any
>> single udp port", which is required for some L2TP implementations
>> that use a random high port but don't negotiate that port
>> properly (eg OSX).
Jacco> You mean rightprotoport=17/0 for Mac clients, not
Jacco> leftprotoport=17/0?
Jacco> IIRC leftprotoport=17/0 was for Cisco VPN 3000's and
Jacco> non-updated Windows 2000/XP clients.
Jacco> Also, I got "NAT-Traversal: Result using
Jacco> draft-ietf-ipsec-nat-t-ike (MacOS X)" when connecting with
Jacco> Vista. I had expected "RFC 3947 (NAT-Traversal)". Probably
Jacco> has something to do with the draft-ietf-ipsec-nat-t-ike-05
Jacco> that was added.
Hmm. Yes, we found that as well when we patched things from 2.4.10
into 2.5. I guess we should do a 2.4.11 with that patch at some point.
It did in fact use RFC3947 method, but the string says the wrong
value.
http://git.openswan.org/cgi-bin/gitweb.cgi?p=openswan.git;a=commit;h=f3a4c57e3cca974d2bb776d1a063cfff3178bab7
--
] Bear: "Me, I'm just the shape of a bear." | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
More information about the Dev
mailing list